As the admin you have the daunting task of ensuring your CMS is properly patched. Here we shall show you how to guard against the most common exploits and hacks that this open source CMS faces.
1. Nothing More Critical Than Hosting and Servers
Many a server errors can be attributed to unpatched servers. So,
• Make sure you are using a well-known secure host and that you stay current with your server patches.
• Host your site on a server that runs PHP 5.2 or better
• Ensure that you are using the latest Apache version and that your Apache configuration doesn't allow browsing/indexing.
2. Enable and Use the htaccess File:
Even though the htaccess file is not in use, ensure you rename it from “.htaccess.txt” to “.htaccess”
3. Consider an Incident Management Plan
"Back up early and often"- this takes a lot of the pressure off your shoulders when your site be hacked to ensure you can restore your site without significant downtime or loss of data.
4. Manage Third party extensions
What make Joomla CMS so wildly popular is that every extension is considered to be another item that you have to ensure is updated / patched.
5. Use SSL Certification
Induce Joomla into SSL mode for all logins. Be aware that you must have a properly configured SSL certificate for your site's domain rather than a shared SSL certificates.
Joomla security depends on a number of things that have to be maintained and updated on a regular basis. Need to stay on top? Know your site and stay current with patches and extensions, as well as cleaning things up from time to time. Good luck!
